Search: howto to stop mail that hasn't reverse DNS or wrong reverse DNS

snaaps

Hello,

Because we received a lot of spam, I will stop incoming mail that hasn't a good reverse DNS.


Mails that have no reverse DNS I want to block!
Mails that have wrong reverse DNS I want to block.

Is there anybody that can give me a howto to configure this?
 
Hey Snaap
( Uhosting WHT )
It is bad, I am also looking for better solutions.

Nobody knows a good spam filter for DA?
 
snaaps, I will check with a system administrator here whether we can make these public.

I will ask if we can publish the required config files for SpamAssassin.
 
snaaps said:
Because we received a lot of spam, I will stop incoming mail that hasn't a good reverse DNS.

Mails that have no reverse DNS I want to block!
Mails that have wrong reverse DNS I want to block.
That's probably not a good idea. If you block servers without reverse DNS you'll block lots of perfectly good domains. And of course you'll block anyone whose DNS server(s) can't be reached as well as everyone if your DNS server is for some reason broken.

That said, I found a version of this:
Code:
# Block if the sender host does not have valid reverse DNS.
  deny message   = Broken Reverse DNS  no host name found for IP address $sender_host_address  See http://example.com
       condition = ${if and\
                    {{def:sender_host_address}\
                    {!def:sender_host_name}}\
                   {yes}{no}}
here.

I'm not sure what you mean by wrong reverse DNS. If you mean the rDNS must match the server name, that's easy, although this is RFC ignorant and will probably get you blocked by a lot of mailservers. But if you mean it must match the domain name, well that's impossible; anyone using this would block most domains on your server.

Jeff
 
Thanks for the link, it works great!

If the mail cannot be delivered to our server, that's not our problem but the problem of the sender's mail server!

We will test this for a couple of days; I think that this will reduce a lot of spam!
 
You will have a lot of rejects for multiple reasons, then you can be blacklisted.

You cannot use this way.
 
Hmm, why do many providers block mail that hasn't reverse DNS?
I cannot believe that all these providers will be blocked because they do not accept mails without reverse DNS.
 
snaaps said:
Hmm, why do many providers block mail that hasn't reverse DNS?
I cannot believe that all these providers will be blocked because they do not accept mails without reverse DNS.
They obviously don't care if they inconvenience their customers.

The big guys don't have to worry about being blocked because most of us won't risk (for example) blocking everyone on Earthlink or AOL.

Instead of using deny why don't you try warn for a while and check your logs to see how often it happens and whether or not the mail is mail you'd rather not block. My gut feeling is that you'll create a lot more false positives than you'll like.

But that of course would be up to you.

Jeff
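
Added example, not part of the thread: one way to do the log check suggested above, tallying which hosts the rule would have rejected. It assumes the ACL was switched from deny to warn with a log_message carrying the same "Broken Reverse DNS" text, and that Exim writes such entries to its main log as `H=(helo) [ip] Warning: ...`; the log lines are constructed, and `tally_rdns_warnings` and `report` are hypothetical helper names.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines (not real traffic). Assumed format: Exim main log
# with the rDNS ACL running as "warn" and logging "Broken Reverse DNS ...".
SAMPLE_LOG = """\
2005-02-10 09:14:02 H=(mail.example.net) [192.0.2.10] Warning: Broken Reverse DNS no host name found for IP address 192.0.2.10
2005-02-10 09:14:40 H=(localhost) [198.51.100.7] Warning: Broken Reverse DNS no host name found for IP address 198.51.100.7
2005-02-10 09:15:11 1CzA2b-0001aB-3x <= alice@example.org H=mx.example.org [203.0.113.5] P=esmtp S=2048
2005-02-10 09:17:55 H=(mail.example.net) [192.0.2.10] Warning: Broken Reverse DNS no host name found for IP address 192.0.2.10
2005-02-10 09:20:03 H=[2001:db8::25] Warning: Broken Reverse DNS no host name found for IP address 2001:db8::25
2005-02-10 09:21:30 H=(smtp.example.com) [198.51.100.7] Warning: Broken Reverse DNS no host name found for IP address 198.51.100.7
"""

WARN_RE = re.compile(
    r"^\S+ \S+ "                     # date and time
    r"H=(?:\((?P<helo>[^)]*)\) )?"   # HELO name in parentheses, if one was given
    r"\[(?P<ip>[^\]]+)\]"            # connecting IP address (IPv4 or IPv6)
    r".*?Warning: Broken Reverse DNS"
)

def tally_rdns_warnings(log_text):
    """Count warn-mode hits per connecting IP and collect the HELO names seen."""
    hits = Counter()
    helos = defaultdict(set)
    for line in log_text.splitlines():
        m = WARN_RE.match(line)
        if not m:
            continue  # deliveries, other warnings, unrelated lines
        ip = m.group("ip")
        hits[ip] += 1
        if m.group("helo"):
            helos[ip].add(m.group("helo"))
    return hits, helos

def report(log_text):
    """Rows of (ip, hit count, sorted HELO names), busiest hosts first."""
    hits, helos = tally_rdns_warnings(log_text)
    ordered = sorted(hits.items(), key=lambda kv: (-kv[1], kv[0]))
    return [(ip, n, sorted(helos.get(ip, ()))) for ip, n in ordered]

if __name__ == "__main__":
    for ip, n, names in report(SAMPLE_LOG):
        print(f"{n:4d}  {ip:<20} HELO: {', '.join(names) or '-'}")
```

Reviewing the busiest addresses against known correspondents before switching back to deny shows how many of the hits are mail you would rather not block.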
 
For Dutch readers, go to WHT for a discussion about blocking mail with reverse DNS:
http://www.webhostingtalk.nl/scripting-techniek-beveiliging/109409-geen-reverse-dns.html

The problem with SpamAssassin is that this program uses a lot of CPU.
But I will look into whether it's possible that we give mails 100 points if they have no reverse DNS.

If somebody has a link for me where we can find information about reverse DNS and SpamAssassin, please post it here.
 
SA uses a lot of memory and CPU load (not CPU!) if misconfigured.
Some users have too many .cf rules; they add all the rules they find and forget to use basic rejects at SMTP time. This is THE KEY.
I have only 5-6% load, 2% CPU, and use less than 300 MB of memory altogether on CentOS.

Here are the SA tests performed: http://spamassassin.apache.org/tests_3_1_x.html

All this information is easy to find by googling and/or reading the manuals, even the forum...
 